Ignore Microsoft, check everything

Microsoft says you don't have to check some files for viruses: Bad idea, which, of course, means that any self-respecting virus writer will now use them to hide viruses in.

OK. I get it. Everyone wants to have the fastest possible computer. But, when Microsoft published a list of what files you shouldn't bother to check for viruses, since looking in on them can really slow a PC down, they also gave a blueprint to virus-writers on where they should focus their attacks.

Trend Micro malware researcher David Sancho is the one who spotted this gaffe by Microsoft. In a Trend Micro blog, Sancho wrote: "Cyber-criminals may strategically drop or download a malicious file into one of the folders that are recommended to be excluded from scanning, or use a file extension that is also in the excluded list." You think!?

Essentially, what Microsoft has done is told virus-writers they can safely hide their programs. What self-respecting virus writer will be able to resist?

As Computerworld reported, Sancho and I aren't the only ones who see it that way. Andrew Storms, nCircle Network Security's director of security operations said, "I would agree with Trend that making any sort of white-listing with your security software is not for the average user or the faint at heart."

Storms doesn't think it's that big of a deal though. I disagree.

Anti-virus software isn't any kind of sovereign remedy for malware, but it's the best protection that 99% of all users have and any policy that might weaken it is a bad policy. Sure, if you use Microsoft's white-list and don't check some directories and file types you'll get a faster computer, but is the modest speed gain you'll get worth opening up your computer to potential new attackers? I don't think so.

Besides, Windows PC or server, you can always set the anti-virus checks to run when the computer is likely to be idle. If you do this, which I think most of us do anyway, you'll be as safe as your anti-virus software can make you and you'll never notice that at 2 in the morning your computer isn't running as fast as it could run.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies